Contents

What is Traceability?

Software traceability is "the ability to interrelate any uniquely identifiable software engineering artifact to any other, maintain required links over time, and use the resulting network to answer questions of both the software product and its development process."

Traceability is a required component of the approval and certification process in most safety-critical systems. For example, the DO-178C
standard, which the USA Federal Aviation Administration (FAA) has established as the means of certifying that software aspects of airborne systems comply with airworthiness requirements, specifies a very detailed set of traceability requirements including the need to provide traceability between source code and low-level requirements" in order to enable verification of the absence of undocumented source
code and verification of the complete implementation of the low-level requirements." Similarly, the USA Food and Drug Administration (FDA) states that traceability analysis must be used to verify that the software design implements the specified software requirements, that all aspects of the design are traceable to software requirements, and that all code is linked to established specifications and test procedures.

To make a system traceable, navigable links must be created between artifacts that are otherwise disconnected, i.e. requirements, code, and test cases. [Example]. These links must be documented,stored and easily retrievable. A user-friendly system for processing and understanding these links must be developed.

Traceability is a required component of the approval and certification process in most safety-critical systems, where systems must demonstratively meet a set of standards and mitigate any potential hazards. Codes and test cases must be linked to a requirement of the system. [Expand on this with isolette example?]

Traceability design must respond to the particular needs of a system's stakeholders; a traceability system built to suit all needs would be prohibitively expensive.

CoEST's vision is that traceability strategy become a built-in, implicit part of systems in a way that is cost-effective and responsive to the needs of stakeholders.

Components of Traceability

Trace Artifact: units of data that are amenable to being traced. The granularity of a trace artifact can vary, even within a given project.

Source Artifact: The origin of a trace.

Trace link: Association between source and target artifacts.

Target Artifact: The destination of that trace. [Example?]

Link direction: Either primary (source to target) or reverse (target to source).

Trace: A specified triplet of elements: the source artifact, trace link, and target artifact. This can also be referred to as an atomic trace.

A chained trace refers to a group of atomic traces strung in a sequence, where a target artifact becomes the source artifact for another target artifact. [Illustration here.]

Options for Traceability Design

Trace capture: implies the creation of trace links concurrently with the artifacts that they associate
vs.
Trace recovery: implies the creation of trace links after the artifacts that they associate have been generated and manipulated.

Continuous traceability maintenance: The update of impacted trace links immediately following changes to trace artifacts.
vs.
On-demand traceability maintenance: A dedicated and overall update of the trace set, generally in response to some explicit trigger.

Vertical tracing:links artifacts at differing levels of abstraction vs Horizontal tracing:liking artifacts at the same level of abstraction at different moments in time to accommodate versioning and rollback.

Trace granularity: The level of detail at which a trace is recorded and performed.

Requirements for an Effective Traceability Strategy

A traceability strategy must be designed to enable the following:

Retaining artifacts within a system

Developing capacity to establish meaningful links between the artifacts

Making links between different types of artifacts (regulations and code, for example)

Developing procedures for analyzing traces.

What granularity is the project working at? How are we categorizing these artifacts? How are we storing them?

Which tracing activities should be manual? Which should be automatic?

Making links within a massive volume of data, and then understanding the implications of those links.

Categorizing and storing the links.

Deciding what should be automated and what should be manual, and then deciding who should be responsible for maintaining traceability within the system.

It is essential that those designing traceability strategy in a system understand the needs of that system's stakeholders.